OASIcs.TrustworthySW.2006.691.pdf
- Filesize: 392 kB
- 29 pages
Document
Relating two standard notions of secrecy
Authors
-
Part of:
Volume:
Workshop on Trustworthy Software (TrustworthySW 2006)
Series: Open Access Series in Informatics (OASIcs) - License:
Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported license
- Publication Date: 2006-09-26
File
Document Identifiers
Cite As Get BibTex
Eugen Zalinescu, Véronique Cortier, and Michaël Rusinowitch. Relating two standard notions of secrecy. In Workshop on Trustworthy Software. Open Access Series in Informatics (OASIcs), Volume 3, pp. 1-29, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2006)
https://doi.org/10.4230/OASIcs.TrustworthySW.2006.691
Abstract
Two styles of definitions are usually considered to
express that a security protocol preserves the confidentiality of a
data { t s}. Reach-ability-based secrecy means that { t s} should
never be disclosed while equi-valence-based secrecy states that two
executions of a protocol with distinct instances for { t s} should
be indistinguishable to an attacker. Although the second formulation
ensures a higher level of security and is closer to cryptographic
notions of secrecy, decidability results and automatic tools have
mainly focused on the first definition so far.
This paper initiates a systematic investigation of situations where
syntactic secrecy entails strong secrecy.
We show that in the passive case, reachability-based secrecy
actually implies equivalence-based secrecy for signatures, symmetric
and asymmetric encryption provided that the primitives are
probabilistic. For active adversaries in the case of symmetric
encryption, we provide sufficient (and rather tight) conditions on
the protocol for this implication to hold.
Subject Classification
Keywords
- Verification
- security protocols
- secrecy
- applied-pi calculus
Metrics
- Access Statistics
-
Total Accesses (updated on a weekly basis)
0PDF Downloads